Help

FileVault not enabling upon first login

ooshnoo
Valued Contributor

Posted on ‎12-22-2014 08:23 AM

Hi..

We're finally testing FV, and have a policy set to use an institutional key and to apply FV at next login.

Upon first login, we get prompted to enable it but when we ultimately login, it's not enabled. I have to reboot, get prompted again at login to enable it, and then it starts working.

We're using 10.10.1, and these are for AD users and the option to mount home drives at login is disabled. anyone got any thoughts?

0 Kudos
3 REPLIES 3

mojo21221
Contributor II

Posted on ‎12-23-2014 05:54 PM

I ran into that issue also. It is due to the drive not being converted to Core Storage properly or the need for the drive to already be Core Storage. At imaging I run a tiny 1 line script (set to After) to convert the Disk that was just imaged into Core storage. This way upon first boot it has already converted the disk and doesn't require a reboot to do so. Im sure you could implement the command other ways, but for our shop we know we need to restart at that point anyway. May as well take advantage of it.

#!/bin/bash
diskutil cs convert disk0s2

0 Kudos

ericjboyd
Contributor

Posted on ‎01-02-2015 11:38 AM

Does anyone have a EA check to see if the bootvolume is already Core Storage?

0 Kudos

justinrummel
Contributor III

Posted on ‎01-02-2015 12:23 PM

@ejboyd you could check the output of diskutil list or diskutil cs list.

diskutil list will have "Logical Volume" under your "Macintosh HD" drive if it's CS, so [code]diskutil list | grep "Logical Volume" | awk '{print $NF}'[/code]

diskutil cs list will either spit out the cs list info, or give you an message that the volume is not CS if it's not.

- Justin

0 Kudos